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One of the most severe issues in the cloud is security. In comparison to 
financial data, so it is extremely sensitive and must be safeguarded against 
unwanted access. We have developed a proposed system based on three 
different keys. We divided the data into insensitive, sensitive, and highly 
sensitive data. The data will be saved on a separate cloud server. The 
proposed system used different keys for encryption and decryption purposes. 
The elliptic curve cryptography (ECC) based distributed cloud-based secure 
data storage (DDSPE) approach was proposed to provide secure large data 
based data protection across the different clouds. With DDSPE technology, 
the ECC scheme has been used for encryption and decryption purposes. The 
cloud is used for simulation. The results of the tests reveal that the suggested 
DDSPE system is safe and saves time regarding data retention and retrieval. 
To analyze performance, we compared the DDSPE method with advance 
encryption standard (AES), blowfish, rivest shamir adleman (RSA), 
security-aware efficient distributed storage (SA-EDS), and attribute based 
encryption (ABE) based secure distributed storage (ASDSS). In terms of 
information retention and recovery, our methodology is quite effective 
because it requires less amount of time as compared to other strategies. 
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1. INTRODUCTION 


Cloud computing has attracted the attention of various communities in society like researchers, 
banking, consumer, student, business, and government organizations [1]. Financial data requires security 
from hackers and avoiding cybercrime; cloud computing technology is a transformative digital solution that 
provides the banking industry with unequaled levels of agility, confidentiality, and portability while 
increasing its ability to handle massive volumes of data [2]. In order to fulfill an agreement to provide certain 
services, "the cloud,” which is a distributed and parallel computing platform, is employed in conjunction with 
network access on demand. The internet and its associated computer networks make up a cloud, and its 
datacenters handle the necessary hardware and software to mainly carry out computational and storage 
functions [3], [4]. The proposed algorithm is efficient enough to allow financial service organizations to 
ensure the protection of sensitive data by utilizing resources in a very convenient and dynamic manner. As 
demonstrated in Figure 1, cloud computing simply means that retrieving data from one computer to another 


over networking is simple and quick. 
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Figure 1. Cloud computing: an overview [5] 


Dropbox, box, and sugar sync are examples of hybrid systems that collect an online synced version 
of your files. They also synchronize these files with local storage. The cloud computing experience relies 
heavily on synchronization. Furthermore, computing in the cloud is defined as a group of people with various 
systems that requires the same synchronized data. A decade ago, an IT project or startup required stable and 
internet-connected computing resources for multiple datacenters [6]. 

The rise of cloud data repositories and cloud computing is accelerated that paves way for big data to 
emerge. The use of the same technology to co-modify data storage and calculation time is known as cloud 
computing. It has a number of important advantages over traditional physical deployments. Not only that, but 
cloud platforms come in a variety of shapes and sizes, and they're occasionally coupled with traditional 
systems. It represents a deadlock for decision-takers in charge of large data projects [7]. Under what ways or 
which services of cloud computing would be the ideal fit for your computing needs, especially if you're 
working on a big data project? as illustrated in Figure 2, where huge data and its characteristics are displayed, 
these preparations frequently indicate bursting [8], fluctuating or storage requirements, and massive 
computational power. Profitable stakeholders visualize low-cost solutions and self-sufficient project 
outcomes and products. 
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Figure 2. Big data [9] 


Big data is the phrase that refers to data volumes that are so massive and complicated that traditional 
applications are unable to handle them. New difficulties involve data collection, curation, search, and sharing 
of information storage, transport, visualization, and privacy [10]. Big data typically deal with large amounts 
of information gathered from multiple sources, which can lead to issues such as heterogeneity, which is 
currently being investigated. Resource allocation, scalability migration, cloud load balancing, and other 
issues are currently being researched. 

A lot of privacy concerns arise from data gathering, including the use of analytical tools to extract 
data. As data is fake and spreads around the globe, ensuring privacy, and data security has become extremely 
difficult. Analytics regularly mine users' sensitive data that includes energy depletion, medical proceedings, 
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online behavior, supermarket records, and so on, inspection of this data reveals concerns about summarizing, 
perception, loss of control, and elimination [11]. 

Big data refers to massive amounts of data with unusual velocities and a wide range. The latter takes 
into account the large and varied amount of data generated by numerous assets that are self-sufficient [12]. 
Massive amounts of data are delivered in the direction of massive database management systems (DBMS) 
with different speeds and with different codes via a few different sources. It is because each data creditor 
chooses their methods or schemata for statistics files, and the nature of each package leads to different factual 
information. Working with a large number of entries and different speed costs seems to be a difficult issue 
that big data structures should handle [13]. 

Loss of data could result in a loss of value. In the event of a dangerous or critical accident, such as 
floods, earthquakes, or fires, statistical losses should be kept to a minimum. To meet these criteria, 
information should be available quickly in the event of an incident, with little disruption and loss. Despite the 
fact that it is a vital issue, there is a noticeable lack of research in this field [14]. 


2. PROPOSED METHOD 
2.1. Literature review 

Proposed a solution for secure communication between IJoT devices and a distant server using 
lightweight elliptic curve encryption (ECC). ECC-constrained application protocol (ECC-CoAP) was the 
recommended CoAP implementation for IoT network authentication. Analysis of cryptographic threats 
confirmed ECC-safety CoAP's capacity. All assaults were well-defended. This method addresses important 
management and security concerns in IoT systems with minimal resources [15]-[17]. 

Suggested a problem with Bluetooth security, specifically secure easy pairing, utilizing a four-user 
authenticated key (4UAK) using ECC. The research covers secure simple pairing (SSP) with ECC design, 
implementation, and performance assessment (ECC). Using end-to-end latency, packet loss rate, throughput, 
the performance and security of a Bluetooth-based protected, and easy pairing idea were tested using 
ECC [18]. 

Created an asymmetric multiple-image encryption technique using ECC and a response code. The 
cipher-text picture was decrypted digitally. Asymmetric encryption employs public and private keys. The 
method can encrypt 16 photographs simultaneously. Simulations showed the encryption scheme's 
effectiveness and resilience. Using image histogram, correlation of neighboring pixels, information entropy, 
and key space analysis, the system proved resistant to a range of assaults [19]. 

A three-factor remote user authentication mechanism based on ECC was suggested to secure the 
communicating user's privacy and data confidentiality. Investigated many cryptographic attacks. The 
suggested system is impervious to such assaults. A comparison of the proposed scheme's computation and 
communication overheads with other existing protocols showed that it was lightweight and successful [20]. 

Built an anonymous authentication mechanism for wireless body area networks (WBAN), pointing 
up security weaknesses including known session-specific temporary information (KSSTD, insider, and clock 
synchronization issues. The project aimed to provide a lightweight ECC-based authentication mechanism for 
the internet of medical things OMT). The protocol's rivals were examined on security, compute, storage, 
and communication costs. The findings showed that the suggested protocol was more resilient and could be 
implemented more easily [21]. 

Deliberated Rivest-Shamir—Adleman (RSA) asymmetric cryptography system. It tries to show the 
domains of RSA technique used in public networks, wireless sensor networks, picture encryption, cloud 
computing, proxy signature, IoT, and embedded devices. So analyzed RSA scheme trends and performance 
parameters such as security, speed, efficiency, computational complexity, and space. This study also 
described the scheme's methodology and strengths [22], [23]. 

Offered physical space on a variety of storage devices to speed up Internet data transfer while 
encrypting and hiding it from outsiders. The research uses hybrid data compression to enhance the quantity 
of data to be encrypted using RSA encryption. Lossy and lossless Steganography might also be used. The 
study's results were compared to similar industries. The algorithm's visual quality and storage capacity were 
tested well. The algorithm's security and attack resistance beat the competition [24]. 

A gravitational search algorithm (GSA) based ECC-dependent picture encryption technique was 
suggested. ECC's private key generation stage utilized GSA to optimize image encryption. Photo output, like 
peak signal to noise ratio (PSNR), is employed as just a validity feature in the optimization phase, 
demonstrating the suggested approach's usefulness. The recommended encryption approach provides better 
PSNR values than ECC. Image encryption allows users to send digital photos wirelessly while ensuring 
privacy and authenticity [25]. 
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Provided a detailed review of cryptography, encryption, decoding, and RSA public key 
cryptography, as well as relevant military, commercial, privacy, and information security applications. 
Personal weaknesses in RSA information security were questioned. The research examined RSA and 
cryptographic system fundamentals. Based on RSA cryptography and its uses, new software to improve the 
RSA algorithm was released [26]. 

Studied data encryption standard (DES) private and RSA public techniques. Both methods' ability to 
encrypt and decode plaintext quickly was their defining characteristic. Encryption and decryption throughput 
was also considered. Finally, a formula for calculating encryption and decryption throughput was found [27]. 

A cryptographic technique might boost security for vehicle over-the-air updates. Attribute based 
encryption (ABE) protected over-the-air software upgrades. State of the art alternatives lacked this feature. 
ABE may incorporate into over the air (OTA) update procedures while conforming to automotive design and 
documentation requirements. The study found low-cost ways to boost security [28]. 


2.2. Problem definition 

The cloud's security has long been a major worry, and stored data in a cloud can be readily accessed 
by spammers. Your personal information is accessible to them. To ensure security for massively scattered 
data in multiple clouds, especially financial data therefore the suggested study proposes an ECC-based safe 
shared storage mechanism for big data in cloud storage (DDSPE). 


3. METHOD 
3.1. Data division 

The encryption techniques secure confidential information and reduce the chances of unauthorized 
access. These strategies ensure that data is secure and that it is divided into separate groups. Then different 
keys are used to encrypt the input and stored the data in the database. The data is split into three parts based 
on its sensitivity, which is sensitive, less sensitive, and highly sensitive as explained in Figure 3. Then, the 
encryption key is used on sensitive, less sensitive, and highly sensitive data. Encryption techniques provide 
security and improvement for cloud-based distributed storage. 


Less Sensitive Sensitive 


Figure 3. Data division 


3.2. Provide security to distributed cloud storage based on ECC 

Using this proposed technology, the storage is supplied with high-level security. The input data is 
split into three parts namely sensitive, less sensitive, and highly sensitive. Then, the input data is allotted to 
its sensitivity level. Based on the data sensitivity level, different keys are applied. The very strong key is used 
for the most sensitive data. In this step, encryption techniques such as advance encryption standard (AES), 
rivest shamir adleman (RSA), and ECC are used for the less sensitive, sensitive, and more sensitive data. 

After that, the data is stored on cloud storage as demonstrated in Figure 4. The encrypted data is then 

decrypted using decryption. The keys are used to decrypt data that is kept in the cloud. Finally, we combine 

the decrypted data with the original data to obtain the original data. There are three stages to the process: 

— Phase 1: the data is separated into three groups in phase 1, namely: sensitive data, less sensitive data, and 
extremely sensitive data. Information that is more sensitive, such as user ids and passwords, is classified 
as highly sensitive data. The encryption algorithm is applied to data using the keys. Based on the data 
sensitivity level, AES is used for less sensitive, RSA is for sensitive, and ECC is used for highly sensitive 
data. Encryption techniques are used to secure the data before sending it to the database. 

— Phase 2: in phase 2, the encrypted data is stored on the cloud storage, which is encrypted with different 
keys. 

— Phase 3: in this phase, the ciphertext will convert into a readable format. By using the same keys that we 
used for the encryption time, the decryption technique is performed. Once the decryption is done, we now 
merge the data and get the original data, which is secured. 
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Figure 4. DDSPE's flowchart 


3.3. Distribution of data and encryption algorithm 

The encryption approach divides the data into three categories: sensitive, less sensitive, and more 
sensitive. The data is distributed by dividing it into groups based on its labels. The inputs include name of 
data (NOD), a list of more sensitive data (list 1), and a list of sensitive data (list 2). N are the names of the 
label of each NOD. After the distribution of data, the output includes the different names of data based on 
their sensitivity level. Algorithm 1 shows the pseudo-code of the distribution of data and encryption 
algorithm. Following are the steps of algorithms: 


Step 1: Lists of data are used as input (List 1, List 2). Listl contains highly sensitive 
data, List2 contains sensitive data, and List3 contains the data's searchable name. 


Step 2: For each NOD, search every label of the information and see if it corresponds to 
List 1 or List 2 or not. 

Step 3: If the data is found in List 1, the data will be encrypted using the ECC algorithm. 
Step 4: If the data is found in List 2, the data will be encrypted using the RSA algorithm. 
Step 5: Otherwise, the data will be encrypted using the AES algorithm. 


Step 6: All encrypted data is the output that includes a, b, c. The encrypted data is 
stored on different cloud storage. 
Algorithm 1 distribution of data and encryption algorithm 
Require: NOD, Listl, List2 

Ensure: s, a, b, € 

1. Input NOD, Listl, List2 

READ: data is read from the input source. 

For V NOD do 

For each name of data do 

If a Li List 1 exists, then 

Keyl is created using genKey (P, Q, R) 
Execute ECC algorithm for the encryption of data with Keyl 
Create a 
Else if a Li List 2 is present, then 

Key2 is created using genkey (P, Q, R) 

Execute RSA algorithm for the encryption of data with Key2 
Generate b 

Else 

Generate random Key3 

Do AES operation for the encryption of data using Key3 
Generate y 

End if 

End for 

Generate S values 

End for 

Output a, b; c 
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3.4. Algorithms for data retrieval 

The original data will be retrieved using this algorithm that is distributed in Algorithm 1. The 
algorithm's inputs are a, b, c, keyl, key2, and key3. Then, the algorithm gives the output S. Algorithm 2 
shows the pseudo-code. Following are the steps for the algorithm of data retrieval: 


Step 1: In stepl, the encrypted data will be the input that we got from Algorithm 2. Then 
the keys will be required to decrypt the data that is stored in a register. 

Step 2: Initialize a few datasets d, d’, d’’ used for the storage of data after decryption. 
Step 3: Decrypt the data using the algorithm and generated keys. 

Step 4: To get the original data, after the decryption of data, merge all the data. 

Step 5: And the original data will be the output. 

Algorithm 2 data restoration algorithm 

Essential: a, b, c, Keyl, Key2, Key3 

Ensure: S 

1. Input a, b, c, Keyl, Key2, Key3 

Initialize d0, d’ <0, d’’ -0 

/* Inputs a, b, and c are received from several cloud servers */ 

d - Decrypt a using Keyl with the ECC algorithm 

d’ « Decrypt b using Key2 with the RSA algorithm 

d''e- d @Key3 

S — Combine d, d'and d’’ to obtain original data 

Output S 


oNN 0an BABUN 


4. RESULTS AND DISCUSSION 
4.1. Implementation 

Python is a development, machine learning, and data science. It also has an extensive selection of 
libraries and frameworks. Python is an open-source popular language for cryptography. Python3 supports 
advanced techniques like artificial intelligence, machine learning, and deep learning. Libraries used: 

— Pyaes: itis a pure-python implementation of the AES block-cipher algorithm. 

— Pbkdf2: it is an algorithm based on passwords for key generation. 

— Binascii: using this, binary gets converted to ASCII. 

— Secrets: this library is used to generate random numbers to be cryptographically secure. 

We have shown the results below all the encryption techniques. These algorithms ensure 
confidentiality and power key security initiatives such as authentication and integrity. Figure 5 shows the 
keys generated for encryption and decryption using AES. AES supports the largest bit size and is made 
unbreakable with the brute force method. 


=] PyCharm Community Edition ¥ Tue 10:48 AM 


pythonProject2 - data.py 


it 
a 


Figure 5. AES key generation 
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Figure 6 depicts AES-key generation for 128-bit. During the decryption and encryption processes, 
encryption and decryption schemes of AES are initialized and processed. Figure 7 shows both RSA's 


initialization and processing. Figure 8 illustrates both the encryption and decryption processes involved in the 
ECC scheme. 
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Figure 7. RSA process 
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Figure 8. ECC process 


4.2. Discussion and results of simulation 

CloudSim toolkit 3.0.3 was used along with Eclipse as an integrated development environment 
(IDE). Java 1.8 was used as a platform for implementing the proposed scheme, DDSPE. We used financial 
data in this example as input data and encrypted it, then stored it on a cloud. For the distribution of data and 
encryption, Algorithm 1 was executed and its implementation was shown in Table 1. For the retrieval of data, 
Algorithm 2 was executed. It is clearly visible from the results of the experiment that the proposed technique 
consumed a short time for the storage and retrieval of data in different formats like gigabyte (GB), megabyte 
(MB), and kilobyte (KB). The comparisons were made between DDSPE and security-aware efficient 
distributed storage (SA-EDS). DDSPE proved that it consumed less time in storing and retrieving the data 
GB, MB, and KB. Figure 9 shows that DDSPE consumes less time to store the data as compared to other 
methods. Hence, the more efficient technique is DDSPE. 


Table 1. Key of type’s techniques 
Methods Key Length (BIT) 


ECC 12 
ABE 50 
AES 66 
BLOWFISH 34 
RSA 50 
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Figure 9. A comparison of the many forms of data storage and data retrieval of DDSPE, SA-EDS, ECC, 
blowfish, RSA, and ASDSS in GB 
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Figure 10 shows the data storage in MB and DDSPE’s comparison with other methods in terms of 
execution time. Figure 11 shows comparison of DDSPE with other approaches. It shows that DDSPE gives 
better performance when it is compared with blowfish, AES, RSA, and ECC. DDSPE consumes less time to 
store the data in KB. Figure 12 shows the comparison of DDSPE with the other methods. It shows that 
DDSPE gives better performance when it is compared with RSA, blowfish, AES, and ECC. DDSPE 
consumes less time to retrieve the data in GB. 
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Figure 12. DDSPE and other methods data retrieval comparison in GB 
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Figure 13 shows the comparison of DDSPE with the other methods. It shows that DDSPE gives 
better performance when it is compared with RSA, blowfish, AES, and ECC. DDSPE consumes less time to 
retrieve the data in MB. 
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Figure 13. DDSPE and other methods data retrieval comparison in MB 


Figure 14 shows the comparison of DDSPE with the other methods. It shows that DDSPE gives 
better performance when it is compared with RSA, blowfish, AES, and ECC. DDSPE consumes less time to 
retrieve the data in KB format. 
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Figure 14. DDSPE and other methods data retrieval comparison in KB 


5. CONCLUSION 

A variety of methods have been tested over last three decades for safety purposes by many 
scientists. Many new methods have also been tested and developed in different parts of the world with the 
use of multiple methods of cryptography and various algorithms for encrypting data. No algorithm has yet 
been shown to be completely safe. Cloud computing enables complete storage, network access, accounting, 
consumer applications, and businesses. Cloud computing has a lot of cool benefits such as much-needed user, 
pay per use, shared pool calculations, fast expansion, and desired services. Cost savings are a huge benefit to 
the cloud. Cloud security is a main limitation faced by user in cloud. Storing the data on a cloud server is a 
huge difficulty. The user does not have complete control over their data on the cloud. Many encryption 
solutions rely on passwords to keep the server secure. Large data collection is a cloud computing strategy for 
dealing with high-level storage rather than security concerns like availability, reliability. As the bulk of the 
data grows larger, system integration gets more complex. Safety is a fundamental problem in modern 
security. The data sync problem only occurs in huge storage due to computer resource constraints. Data is 
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stored in the same cloud in a present system, and therefore only a single key is used for decryption and 
encryption. This program's data might be readily hacked. As a result, the DDSPE system is presented as a 
solution to this problem. In this case, the input is still divided into three pieces (based on its sensitivity level), 
every component is encoded with AES, SA-EDS, ECC, RSA, blowfish, and ASDSS, among other 
approaches. These bits of data would be encrypted and stored on separate cloud servers, with keys required to 
retrieve, decrypt data. As a result, our technique outperforms SA-EDS, AES, blowfish, and RSA related to 
data preservation and retrieval efficiency. In comparison against SA-EDS, AES, ASDSS, blowfish, and RSA 
techniques, DDSPE requires less time to recover data in MB, KB, and GB. 
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